AWS Fraud Detector

Jan 1, 2020

AWS announced a Fraud detection service which is an ML-powered service requiring no machine language experience to use. It detects common types of online fraud such as: abuse of new accounts, guest accounts, promo codes, trial versions, and stolen credentials. There is an online payment fraud component being added soon.

Based on the results, you might end up hardening parts of the process to further verify users. The API can also check your rules: So for example, if you picked to approve any new account where the API model score was over 75, your code could let the sign-up continue.

You can upload old logs or data to train the fraud detector based on your actual site instead of generic data. Your data is not shared with other customers.

The basic process is:

• get your old data and upload to private S3 buckets,
• pick the best template in Fraud Detection Service,
• let the template tool analyze your data then make suggestions on how to adjust and train,
• make rules based on the predictions, and
• call the API during sign-ups or other events where it would be useful (i.e., you could send the IP and email address to the API to get a score and analysis from your rules).

It's not cheap, but you could compare the predicted cost vs loss to fraud in the past months/year and decide whether it's worth it.